If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

[ISSUE] Required double Login to view site properly

Hello, my name is Robert and I have a very weird issue with my company's web site that utilizes VBScript and Asp.net features. I don't know exactly how to word this issue so looking for solutions online have come up very short with solutions, so I thought I would try my hand here. There are two key parts to this problem that need to be addressed, so anyone that might try helping me understands some of the possible complications involved with "I don't know how to word the problem"

Storytime: I recently took a position at this company in an IT capacity. I know some IT infrastructure and systems, but going in I didn't realize how startling things would be having a different background than what the company uses (My background is in Windows server and some Linux, but the office uses nothing but Mac/Apple products. Anyhow, irrelevant) One of the things that became my responsibility was handling the web site, which included updating it from the early 1990's. I have very little experience in web design mostly because that was not my focus nor my degree. But I accepted the task and began making as many changes as I could. Over the past few months now, I have found a problem that has plagued the web site and need to find a way to fix it. The web site uses .asp as a means of populating our products via a connection to a database access file. The product pages use variables to pull information from the linked mdb files and produces items for our users to view. We do not sell from the site, so customer interaction is basic; they log into the web site using a universal password and the password grants them a few various levels of information. Some customers view the full product information, which includes pricing, where as some customers only get to view the specs of the items (no pricing)

The problem we are facing and the one I am having trouble finding a solution for is this; when a user comes to our web site, they are greeted with a login screen. They type in a 5 digit password provided to them from a sales rep and it takes them into the main portion of the site. From there they can navigate in and look at items however the password interaction within the site fails slightly. The user can navigate the entire site, see every product, but unless they go back to the login screen a second time, they see no details nor data. Essentially they can see the image of the products with their names, but unless they hit the "home" button and proceed back to the login screen, that is all the information they get. Now, once they back up to the login screen and enter in their password a second time, everything operates as normal. Since I have very little knowledge of this particular style of web design, and have very limited information about vbscript, trying to decipher the old code and find a fix to this has plagued me some 3 months. The only thing I was able to solve in that time was being able to make it so mobile users didn't have to log in every 5 minutes. (Previously, if a mobile user logged onto the site, they would be forced to log in a second time once they tried to look at a product)

So heres where things get little tricky. For confidential reasons, I cannot post the code on a whole. I can try to provide details on some of the code but I would need to know which portions are needed to be examined. What I can do is detail the path for which the code responds on the site, and it may shed some insight as to what is needed.

So when you go to our domain site, the index page has a login button that captures the info in the password field box, and passes it to the passwordfield variable. This opens into an asp page called redirect, where the asp loads information and checks passwordfield with possible outcomes (if passwordfield = a, then provide pricing, if passwordfield = b, do not provide pricing, for example) If the result is not correct, an error is passed and the user is redirected to an error screen which then directs them to a new page, login.asp (essentially a duplicate of the index page, but it uses passfield as a variable catch instead of passwordfield). When the password is correct, the user is taken to one of two home.asp pages, one for pricing-allowed users, one for no pricing (irrelevant) At this point, if this was the first time the user logged in to the site, navigating to products would reveal no information aside from the name and image of the item; no details (pricing-allowed or otherwise) is showing. If the user hits the home button at the top of any page, it will redirect them to the login.asp page as though their login time expired and force them to log a second time. This time the user gets full privileges and can navigate unhindered.

What I need to know is where, if possible, this series of variables being passed would cause this error insomuch as it would require the user to log in a second time.

Let me know if there is anything further needed that I might be able to scour the code and help facilitate a response.

Regards,
Robert

P.S. I apologize for the format of my question. As I stated its hard for me to really put together a way to discuss the problem, specifically in code, when I do not know where the issue might be. There is a lot of code in various places throughout the web site, and it would be difficult to define the entire web site and its code into a forum post.